Ok so here is what i have done. my home network is on the 192.168.2.0/24 network and i have BT2 bridged via virtual box. i perfomr this command:

nmap -sV -P0 192.168.2.0-255

finds all my interesting stuff along with banner grabbing. So i notice it finds my router and tells me the exact type and what not. Very cool. So i point firefox to the IP provided and it asks for user name and pass. For lab purposes i set user name to admin and a simple password(7 digit number. this might be the problem). I make sure that hydra is set to verbos and that its pointing to the wordlist.txt i set protocol to http-get and set username to admin pointing to target ip of 192.168.2.1. after 15 minutes of waiting this is what appears on my output. even though i grabbed it at 19,441 or so. it was still going at 50,000+ tries.

i quote:The Tuning tab is used for selecting the number of login attempts that are submitted simultaneously, and this number can be quite critical. Too high and the chances of being detected or locked out of the system are much higher, but too low and it could take days to work through your password list.

CISSP, CEH, ECSA, OSCP, OSWP, eCPPT, eWAPT

earning my stripes appears to be a road i must travel alone...with a little help of EH.net

Yea be sure to use the right parameters. Especially pay attention to the -t -w and -f parameters. You usually want to use -f to make hydra stop when it gets the password right. If you don't do this I believe it will just keep running and try other passwords.

zeroflaw wrote:Yea be sure to use the right parameters. Especially pay attention to the -t -w and -f parameters. You usually want to use -f to make hydra stop when it gets the password right. If you don't do this I believe it will just keep running and try other passwords.

i used xhydra form the cli. I followed a video tutorial from the purehate blog(google search) and followed it to a T. I even have the same router as he uses in the video. WRT54G non flashed. Just the normal firmaware.

XHydra? Is that the GUI version? Well anyway, it seems you need to be really careful with the number of tasks you let hydra perform. After some googling and actually trying hydra myself on the de-ice disks, I've found that 8 tasks works best.

zeroflaw wrote:XHydra? Is that the GUI version? Well anyway, it seems you need to be really careful with the number of tasks you let hydra perform. After some googling and actually trying hydra myself on the de-ice disks, I've found that 8 tasks works best.

Hmm, i tried messing around with the parameters and took it down to 8 and below for tasks. Still same error. Maybe my router is the issue. I know it does weird things at times. haha. ill keep trying and when i get it to work, ill post my finindgs.

I'd throw a packet trace on the wire (wireshark,) and see if A.) the packets are getting to the router, and B.) if the router ever appears to respond. That should tell you if the router is doing ANYTHING in response. If it is, and hydra just doesn't like it, then it's a timeout or something on the application side. If it's NOT, then you need to see if the router even tries to accept connection attempts, and go from there.

Based on your saying it sure knocks your connection around, it sounds like the packets are definitely hitting it, so it's more than likely you're either hitting the wrong page on the router, or your router isn't configured for http versus https or something, and you're misconfigured, somwehere, either at the router or in hydra...

Very basic overview, but you should be able to get the idea...

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

hayabusa wrote:I'd throw a packet trace on the wire (wireshark,) and see if A.) the packets are getting to the router, and B.) if the router ever appears to respond. That should tell you if the router is doing ANYTHING in response. If it is, and hydra just doesn't like it, then it's a timeout or something on the application side. If it's NOT, then you need to see if the router even tries to accept connection attempts, and go from there.

Based on your saying it sure knocks your connection around, it sounds like the packets are definitely hitting it, so it's more than likely you're either hitting the wrong page on the router, or your router isn't configured for http versus https or something, and you're misconfigured, somwehere, either at the router or in hydra...

Very basic overview, but you should be able to get the idea...

Hmm, i know the router is set to http because i tried hhtps and it hated that. Im gonna have to try wireshark and see what happens. Never thought of that actually. See i do learn something new everyday..

Im thinking that my router might be messed up because when i first bought it it had a very hard time doing normal things such as saving settings.. Gonna try against smoothwall and see what happens.

you can also try adding another computer to the router through the broadcast port and sniff all packages with wireshark. actually the same option as hayabusa offered, but then you sniff the complete network to check for abnormality.

CISSP, CEH, ECSA, OSCP, OSWP, eCPPT, eWAPT

earning my stripes appears to be a road i must travel alone...with a little help of EH.net